Authentication

Rightbrain supports two authentication methods: API Keys and OAuth 2.0 Clients.

You can create and manage both under Settings → API Clients.

Which Method to Use

| Method | Best For | Authentication Type | Typical Usage |
| --- | --- | --- | --- |
| API Keys | Server-to-server automation, internal tools, CI/CD | Long-lived static key | Quick backend integrations or testing |
| OAuth 2.0 (Client Credentials) | Service-to-service or multi-tenant systems | Short-lived access tokens | Secure access between services |
| OAuth 2.0 (Authorization Code / PKCE) | User-facing or client apps | User consent and delegated access | Frontend apps, SaaS integrations |

Creating an API Key

Use API Keys for simple, persistent authentication in server environments.

1. Open Settings → API Clients

Visit your Rightbrain Dashboard and open the API Clients tab.

2. Click “Create API Key”

Click + Create API Key and enter a descriptive name.

3. Copy your key

Once created, copy and store your key securely.

4. Use it in requests

curl -X POST https://api.rightbrain.ai/v1/org/{org_id}/project/{project_id}/task/{task_id}/run \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"task_input": {"data": "Example input"}}'

Never expose API Keys in browser or client-side code.
For user-facing apps, always use OAuth 2.0.

Creating an OAuth 2.0 Client

OAuth 2.0 is recommended when you need short-lived, revocable tokens. It is ideal for distributed systems or multi-user applications.

1. Open Settings → API Clients

In your Dashboard, click + Create OAuth Client.

2. Choose a grant type

  • Client Credentials for server-to-server integrations
  • Authorization Code or PKCE for user login or delegated access

3. Save and copy credentials

After saving, copy your Client ID and Client Secret. They’ll only appear once.

4. Request an access token

curl -X POST https://oauth.rightbrain.ai/oauth2/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials" \
  -d "client_id=YOUR_CLIENT_ID" \
  -d "client_secret=YOUR_CLIENT_SECRET" \
  -d "scope=offline_access"

Response:

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "offline_access"
}

OAuth tokens are short-lived by design. Refresh or regenerate them periodically depending on your integration.
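
One way to handle that expiry in a backend service, as an added example that is not part of the Rightbrain documentation or SDK: a small cache that requests a client-credentials token, reuses it until shortly before expires_in elapses, and then requests a new one. The token URL, form fields and response fields are the ones shown above; the class and function names, the 60-second renewal margin and the RIGHTBRAIN_CLIENT_ID / RIGHTBRAIN_CLIENT_SECRET environment variable names are assumptions.

```python
import json
import os
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://oauth.rightbrain.ai/oauth2/token"  # endpoint shown on this page


def post_form(url, fields):
    """POST form-encoded fields over HTTPS and return the decoded JSON body."""
    req = urllib.request.Request(
        url, data=urllib.parse.urlencode(fields).encode(),
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Holds one client-credentials token and renews it shortly before expiry."""

    def __init__(self, client_id, client_secret, scope="offline_access",
                 transport=post_form, clock=time.monotonic, skew=60):
        self._fields = {"grant_type": "client_credentials", "scope": scope,
                        "client_id": client_id, "client_secret": client_secret}
        self._transport, self._clock, self._skew = transport, clock, skew
        self._token, self._expires_at = None, 0.0

    def get(self):
        """Return a usable access token, calling the token endpoint only when needed."""
        if self._token is None or self._clock() >= self._expires_at:
            body = self._transport(TOKEN_URL, self._fields)
            if str(body.get("token_type", "")).lower() != "bearer" or not body.get("access_token"):
                raise ValueError("token endpoint returned an unexpected response")
            # Renew `skew` seconds early so a token never expires mid-request.
            lifetime = max(0, int(body.get("expires_in", 0)) - self._skew)
            self._token, self._expires_at = body["access_token"], self._clock() + lifetime
        return self._token

    def auth_header(self):
        """Authorization header in the Bearer form named by token_type."""
        return {"Authorization": f"Bearer {self.get()}"}


if __name__ == "__main__":
    # Hypothetical variable names: keep credentials in the environment, not in source.
    cache = TokenCache(os.environ["RIGHTBRAIN_CLIENT_ID"], os.environ["RIGHTBRAIN_CLIENT_SECRET"])
    print("token acquired, header:", list(cache.auth_header()))  # header name only
```

The transport and clock parameters exist so the cache can be exercised without network access; the token itself is never printed or logged.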

Quick Reference

| Use Case | Recommended Authentication |
| --- | --- |
| Internal automation or scripts | API Key |
| Backend microservices | OAuth 2.0 (Client Credentials) |
| User login or delegated access | OAuth 2.0 (Authorization Code / PKCE) |
| Local testing and prototyping | API Key |